PT-2026-42129 · Nlnet+3 · Unbound+3

·

CVE-2026-42534

·

Published

2026-05-20

·

Updated

2026-06-30

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions prior to 1.25.1
Description An issue exists in the jostle logic that can degrade resolution performance. When the num-queries-per-thread limit is reached, the jostle logic identifies slow-resolving queries for replacement. However, duplicate queries for the same resolution effort update the timestamp to the latest request rather than maintaining the original start time. This skews the aging process, preventing the system from correctly identifying and replacing aged queries. An attacker capable of querying the system and controlling a slow or malicious domain name server can exploit this to degrade performance, potentially leading to a denial of resolution service. Cache and local data response performance are not affected.
Recommendations Update to version 1.25.1.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-42534
ECHO-CD79-BA54-3567
OPENSUSE-SU-2026:10903-1
OPENSUSE-SU-2026:21083-1
SUSE-SU-2026:21874-1
SUSE-SU-2026:21913-1
SUSE-SU-2026:22160-1
SUSE-SU-2026:22213-1
SUSE-SU-2026:2281-1
SUSE-SU-2026:2369-1
USN-8282-1

Affected Products

Freebsd
Linuxmint
Ubuntu
Unbound